package com.qc.ayouth.shop.admin.config.shiro;


import com.qc.ayouth.shop.core.utils.MD5;
import com.qc.ayouth.shop.core.utils.SpringContextHolder;
import com.qc.ayouth.shop.dbs.entity.TSystemAdmin;
import com.qc.ayouth.shop.dbs.service.system.TSystemAdminService;
import com.qc.ayouth.shop.dbs.service.system.TSystemMenuService;
import com.qc.ayouth.shop.dbs.service.system.TSystemRoleService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.util.StringUtils;

import java.util.List;

public class AdminAuthRealm extends AuthorizingRealm {

//    private TSystemAdminService tSystemAdminService = null;
//    @Autowired
//    TSystemRoleService tSystemRoleService;
//    @Autowired
//    TSystemMenuService tSystemMenuService;

    /**
     * @description: 授权：获取用户的角色和权限
     * @author: haojg
     * @date: 2020/7/5 12:38
     * @param principals
     * @return: org.apache.shiro.authz.AuthorizationInfo
     */
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        if (principals == null) {
            throw new AuthorizationException("缺少相关操作权限");
        }

        TSystemAdmin adminInfo = (TSystemAdmin) getAvailablePrincipal(principals);
        String roleList = adminInfo.getRoleList();

        // 获取用户的角色和权限
        TSystemRoleService tSystemRoleService = SpringContextHolder.getBean(TSystemRoleService.class);
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        info.setRoles(tSystemRoleService.getRoleSetByIdList(roleList));
        TSystemMenuService tSystemMenuService = SpringContextHolder.getBean(TSystemMenuService.class);
        info.setStringPermissions(tSystemMenuService.getPermissionsSetByRoleIds(roleList));
        return info;
    }

    /**
     * @description: 用户登录认证
     * @author: haojg
     * @date: 2020/7/5 12:38
     * @param token
     * @return: org.apache.shiro.authc.AuthenticationInfo
     */
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
        UsernamePasswordToken upToken = (UsernamePasswordToken) token;
        String username = upToken.getUsername();
        String password = new String(upToken.getPassword());

        if (StringUtils.isEmpty(username)) {
            throw new AccountException("用户名不能为空");
        }
        if (StringUtils.isEmpty(password)) {
            throw new AccountException("密码不能为空");
        }

        // 用户登录
        TSystemAdminService tSystemAdminService = SpringContextHolder.getBean(TSystemAdminService.class);
        List<TSystemAdmin> systemAdminList = tSystemAdminService.getAdminByUsername(username);
        if (systemAdminList.size() > 1) {
            throw new UnknownAccountException("同一个用户名存在两个账户");
        } else if (systemAdminList.size() == 0) {
            throw new UnknownAccountException("找不到用户（" + username + "）的帐号信息");
        }

        TSystemAdmin systemAdmin = systemAdminList.get(0);

        // 验证用户的密码是否正确
        if (!MD5.md5Encrypt(password).equals(systemAdmin.getPassword())) {
            throw new UnknownAccountException("请确认密码是否正确");
        }

        return new SimpleAuthenticationInfo(systemAdmin, password, getName());
//        return new SimpleAuthenticationInfo(null, password, getName());
    }

}
